Unauthorised AJAX Calls via Freemius

  • Resolved kgagne

    (@kgagne)


    3 years ago

    iThemes Security just reported “Known issues in Lightbox & Modal Popup WordPress Plugin – FooBox v2.7.16” as of 28 Feb 2022:

    Unauthorised AJAX Calls via Freemius

    Since Freemius is a known SaaS engine for selling WordPress plugins, and they advertise FooGallery right on their homepage, I don’t know why it would be considered a security issue. But is there a way to turn an “unauthorized” AJAX call into an “authorized” one?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author bradvin

    (@bradvin)

    hi @kgagne

    This is being patched and a release will be available for update within an hour

    Thread Starter kgagne

    (@kgagne)

    Yay! Thanks!

    Thread Starter kgagne

    (@kgagne)

    Thanks for releasing v2.7.17!

    • Updated 01/02/2022
    • Fix : Security Fix in wp-admin
    • Update : Update to Freemius SDK

    I think the date is wrong ?? but as long as it works!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Unauthorised AJAX Calls via Freemius’ is closed to new replies.